CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,371 vulnerabilities with CWE-352
CVE-2022-1918
HIGH
ToolBar to Share < 2.0 - Cross-Site Request Forgery via Missing Nonce Validation
CVSS 8.8
CVE-2022-1900
HIGH
Copify <= 1.3.0 - Cross-Site Request Forgery via Missing Nonce Validation
CVSS 8.8
CVE-2022-1793
MEDIUM
Private Files WordPress Plugin <= 0.40 - Cross-Site Request Forgery via Protection Disable Action
CVSS 4.3
CVE-2022-1792
MEDIUM
Quick Subscribe < 1.7.1 - Cross-Site Request Forgery Leading to Stored Cross-Site Scripting
CVSS 5.4
CVE-2022-1791
HIGH
One Click Plugin Updater < 2.4.14 - Cross-Site Request Forgery in Settings Update
CVSS 8.1
CVE-2022-1790
MEDIUM
New User Email Set Up < 0.5.2 - Cross-Site Request Forgery in Settings Update
CVSS 6.5
CVE-2022-1788
MEDIUM
Change Uploaded File Permissions < 4.0.0 - Cross-Site Request Forgery
CVSS 6.5
CVE-2022-1787
MEDIUM
Sideblog < 6.0 - Cross-Site Request Forgery and Stored Cross-Site Scripting via Settings Update
CVSS 5.4
CVE-2022-1781
MEDIUM
postTabs < 2.10.6 - Cross-Site Request Forgery and Stored Cross-Site Scripting via Settings Update
CVSS 5.4
CVE-2022-1780
MEDIUM
LaTeX for WordPress < 3.4.10 - Cross-Site Request Forgery and Stored Cross-Site Scripting via Settings Update
CVSS 5.4
CVE-2022-1779
HIGH
Auto Delete Posts < 1.3.0 - Cross-Site Request Forgery in Settings Update
CVSS 8.1
CVE-2022-1765
HIGH
Hot Linked Image Cacher < 1.16 - Cross-Site Request Forgery
CVSS 8.8
CVE-2022-1764
MEDIUM
WP-chgFontSize < 1.8 - Cross-Site Request Forgery and Stored Cross-Site Scripting
CVSS 5.4
CVE-2022-1763
MEDIUM
Static Page eXtended < 2.1 - Cross-Site Request Forgery and Stored Cross-Site Scripting
CVSS 5.4
CVE-2022-1761
MEDIUM
Peter's Collaboration E-mails < 2.2.0 - Cross-Site Request Forgery via Missing Nonce Check
CVSS 6.5
CVE-2022-1759
MEDIUM
RB Internal Links < 2.0.16 - Cross-Site Request Forgery and Stored Cross-Site Scripting
CVSS 5.4
CVE-2022-1758
HIGH
Genki Pre-Publish Reminder < 1.4.1 - Cross-Site Request Forgery and Stored Cross-Site Scripting via Settings Update
CVSS 8.8
CVE-2022-1694
MEDIUM
Useful Banner Manager < 1.6.1 - Cross-Site Request Forgery in Admin Page
CVSS 6.5
CVE-2022-1624
MEDIUM
Latest Tweets Widget < 1.1.4 - Cross-Site Request Forgery in Settings Update
CVSS 6.5
CVE-2022-1612
MEDIUM
Webriti SMTP Mail < 1.0 - Cross-Site Request Forgery in Settings Update
CVSS 6.5
CVE-2022-1608
MEDIUM
OnePress Social Locker < 5.6.2 - Cross-Site Request Forgery in Settings Update
CVSS 6.5
CVE-2022-1605
MEDIUM
Email Users WordPress Plugin < 4.8.8 - Cross-Site Request Forgery in Settings Update
CVSS 6.5
CVE-2022-1594
MEDIUM
HC Custom WP-Admin URL < 1.4 - Cross-Site Request Forgery in Settings Update
CVSS 4.3
CVE-2022-27174
MEDIUM
Easy Blog for EC-CUBE4 <= 1.0.1 - Unauthenticated Cross-Site Request Forgery
CVSS 4.3
CVE-2022-22479
HIGH
IBM Spectrum Copy Data Management <2.2.15.0 - CSRF
CVSS 8.8
Details
Vulnerabilities
9,371
Exploit Likelihood
Medium